How IT leaders can negotiate a SaaS partner contract

John Moore |
July 11, 2012

All companies great and small will eventually work with a SaaS provider. In most cases, the standard contract should suffice, but CIOs will never know what they can add (or subtract) if they don't ask.

Fougere says language specific to security is less frequently inserted. Tenzing complies with SAS 70 Type II and ISO 27001 standards, which provides customers with a level of comfort.

Analysis: How the Cloud Can Solve Security Problems

In a handful of cases, customers will ask Tenzing to include a clause stating that it will conduct annual SAS 70 and ISO 27001 audits for the duration of the contract. Fougere says the company conducts such audits as a matter of course.

Due Diligence with a SaaS Contract Worth the Effort

Customers finding limited room to negotiate can take their deliberations upstream-that is, investigate SaaS contracts upfront and determine which one best fits the organization's needs.

The whole premise of SaaS is to take advantage of a...standardized set of services and, as a result, [vendors] aren't going to be that flexible to individual contract demands," Kaplan says. As a consequence, Kaplan suggests that prospective SaaS buyers shop around, examining standard contract terms across multiple vendors within a given SaaS category.

Analysis: What You May Miss If You Don't Read a SaaS Contract

Smaller SaaS providers require additional due diligence, since a large company could acquire such a vendor and change its product direction, D'sa says. "Unless they are a commodity service that can be replaced very easily, it becomes a warning flag to review in much more detail."

In addition, customers should also consider how tightly to link such providers with in-house systems. SaaS offerings that are not closely integrated with a customer's code or business process may be more readily replaced if the service doesn't work out or the customer finds another vendor with a more compelling feature set, D'sa explains.

Tools for data export/import and migration become a key issue during vendor-switching decisions, he adds, and need to be taken into consideration upfront if there is a possibility of such events.

Alex Bewley, CTO of uptime software, finds that most people tend to click right through the approval part of the company's terms and conditions. Larger enterprises, on the other hand, may fire over their master agreements.

The enterprise stipulations, however, may result in some odd scenarios, Bewley notes. To wit: the company's uptimeCloud SaaS offering monitors a customer's Amazon Web Service usage and costs. The terms of the customer's master agreement may go well beyond the terms they accepted from Amazon. Pointing out that discrepancy causes customers to take pause, he says.